The invention relates to a method for authorising a second client to a server for a user account for setting up a secure connection between the second client and a first client.
Trustworthy communication between different subscribers in the Internet is a challenge due to the lack of trustworthiness of the medium constituted by the Internet and of the communication channels thereof. In order to nevertheless ensure trustworthiness, asymmetric cryptographic methods are generally used, in which an exchange of the public keys between the clients, i.e. between computers, servers, tablet PCs, smart phones, etc., is necessary before an exchange.
The security of such a method is dependent on whether or not the exchange of the keys is compromised, i.e. whether the clients can be certain that the public key also actually originates from the other client and vice versa. This uncertainty is utilised actively inter alia by man-in-the-middle attacks.
In order to avoid such attacks, two different solution approaches are used. On the one hand what is known as a public key infrastructure (PKI) can be used, in which a PKI service provider acts as notary and assures the authenticity of the keys. On the other hand the clients can be organised in what is known as a peer-to-peer network, in which the clients communicate directly with one another, without a service provider arranged between them, and exchange their keys under their own responsibility.
However, neither method comes into consideration for the operator of an Internet service for particularly secure and trustworthy communication. This is because the operator cannot be simultaneously both the PKI operator and the notary, because he would then at least technically be able to compromise the trustworthiness of his own service over his infrastructure, by accident or as the result of a successful attack. From a technical viewpoint, this would then be no more than an “end-to-end encryption”.
On the other hand the use of an external PKI infrastructure would place the business model of the operator at risk, because the service thereof in the fundamental area of production of a relationship of trust between the clients of the user is dependent on third parties. In addition, the trust problem would thus only be transferred to these third parties, and would generally continue to exist.
Lastly, the use of a fundamentally open peer-to-peer network also conflicts with the economic interests of the operator. In addition, the operator takes incalculable risks, because he is responsible for the quality and the security of his service, and the secure authorisation of the subscribers forms the basis of his value proposition.
In the prior art there are a multitude of symmetric and asymmetric encryption methods in a wide range of strengths and lengths. The known symmetric methods include, in particular, AES (Advanced Encryption Standard), DES/3DES (Data Encryption Standard), IDEA (International Data Encryption Algorithm), Blowfish, Twofish, CAST-* (Carlisle Adams Stafford Tavares) and RC* (Rivest Cipher), whereas known asymmetric methods include, in particular, RSA (Rivest Shamir Adleman), Elgamal, Merkle-Hellman and Rabin.
These methods, however, have systemic weaknesses. In the case of symmetric methods the key used for encryption is identical to the key used for decryption. This, in the case of message transfer, places high demands on the key exchange between the involved parties. In the case of asymmetric methods there are indeed separate keys for encryption and decryption; however, the subscribers involved in an encrypted message exchange must ensure that the key they hold actually corresponds to that of the other subscriber and that a third party has not intervened in the communication, in which case the communication can no longer be considered secure.
Especially for safeguarding secrets such as passwords or transaction numbers, separate methods known as hash methods are used. By means of hash methods it is possible to verify whether a provided secret matches the secret that has been transmitted by a subscriber or a system. With hash methods this verification can be performed without storing the secret itself. Instead, only the result of a function that is preferably low-collision or collision-free is stored, the input of which was the secret plus a random number. This increases the security of the secret, because a compromise of the storage system for this secret does not lead to a compromise of the secret itself.
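The hash-based verification described above, as an added example that is not part of the original text: only the random number and the function result are stored, and a provided secret is checked by recomputing the function. The choice of PBKDF2-HMAC-SHA256, the iteration count, the record layout and the sample transaction number are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor, not a value from the text


def enroll(secret: str) -> dict:
    """Build the stored record: random number (salt) and function result only."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "digest": digest.hex(), "iterations": ITERATIONS}


def verify(provided: str, record: dict) -> bool:
    """Recompute the function over the provided secret and the stored salt."""
    try:
        salt = bytes.fromhex(record["salt"])
        expected = bytes.fromhex(record["digest"])
        candidate = hashlib.pbkdf2_hmac(
            "sha256", provided.encode(), salt, int(record["iterations"])
        )
    except (KeyError, ValueError, TypeError, OverflowError):
        return False  # malformed or tampered record: fail closed
    # Constant-time comparison so timing does not reveal how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def demo() -> dict:
    secret = "TAN-493817"  # constructed sample transaction number
    first = enroll(secret)
    second = enroll(secret)  # same secret, fresh random number
    return {
        "accepts_correct": verify(secret, first),
        "rejects_wrong": verify("TAN-493818", first),
        # Different salts give different records for the same secret.
        "records_differ": first["digest"] != second["digest"],
        # A dump of the stored record does not contain the secret itself.
        "secret_absent": secret not in repr(first),
        "rejects_malformed": verify(secret, {"salt": "zz"}),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```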
In order to solve the trust problem in asymmetric encryption methods, various methods also exist, such as Kerberos, PGP, Off-The-Record Messaging, S/MIME or Public Key Infrastructure.